Lucene search
K

2577 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago7 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : libsoup vulnerabilities (USN-8523-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8523-1 advisory. Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-leng...

9.1CVSS6.7AI score0.0042EPSS
Exploits1References3
OSV
OSV
added 2026/06/30 10:27 a.m.4 views

SUSE-SU-2026:2702-1 Security update for libsoup

This update for libsoup fixes the following issue - CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649...

6.5CVSS6.6AI score0.00376EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary...

5.8CVSS6.3AI score0.00298EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in libsoup’s SoupServer. A remote attacker could exploit a use-after-free vulnerability, where the soupserverdisconnect function releases connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been...

8.2CVSS5.8AI score0.00447EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libsoup3

There is a vulnerability related to request smuggling in LibSoup’s HTTP/1 header parsing logic. The soupmessageheaders.AppendCommon function in libsoup/soup-message-headers.c appends each header value unconditionally, without checking for duplicates or conflicting Content-Length fields. This allo...

5.3CVSS5.8AI score0.00321EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in the asynchronous message queue handling of the libsoup library, which is widely used by GNOME and WebKit-based applications for managing HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed...

7.5CVSS5.7AI score0.00416EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, resulting in a buffer overread. This can allow an attacker to potentially access sensitive information or cause a denial of service at the application level...

9.1CVSS6.8AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 1:11 p.m.4 views

OESA-2026-2719 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing...

5.3CVSS5.9AI score0.00321EPSS
Exploits1References2
OSV
OSV
added 2026/06/24 1:11 p.m.6 views

OESA-2026-2718 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing...

5.3CVSS5.9AI score0.00321EPSS
Exploits1References2
OSV
OSV
added 2026/06/24 1:11 p.m.4 views

OESA-2026-2717 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accept a large...

7.5CVSS7.1AI score0.00821EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.11 views

Oracle Linux 9 : libsoup (ELSA-2026-19356)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19356 advisory. - Backport patch for CVE-2026-5119 - Backport patch for CVE-2026-1761 - Backport patch for CVE-2026-0719 - Backport patch for CVE-2025-14523 Tenable has...

8.6CVSS6.7AI score0.00947EPSS
Exploits1References2
CVE
CVE
added 2026/06/22 1:55 p.m.38 views

CVE-2026-12549

The CVE-2026-12549 entry concerns GNOME Libsoup (soupserver). A regression after the fix for CVE-2026-2443 replaced specific overflow checks with a general signed comparison. When a client issues a Range request with a suffix length exceeding the content size, the resulting negative start value i...

4.8CVSS5.9AI score0.00325EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/06/22 1:55 p.m.47 views

CVE-2026-12549 Libsoup: incomplete fix for cve-2026-2443: range suffix overflow in libsoup soupserver

The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading t...

4.8CVSS0.00325EPSS
Exploits1References4
OSV
OSV
added 2026/06/22 8:18 a.m.7 views

ROOT-OS-DEBIAN-13-CVE-2026-5119 CVE-2026-5119 in rootio-libsoup3 - Patched by Root

Root has patched CVE-2026-5119 in the rootio-libsoup3 package for Root:Debian:13. Multiple fixed versions available...

8.2CVSS5.8AI score0.00254EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

SUSE SLED15 / SLES15 Security Update : libsoup (SUSE-SU-2026:2314-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2314-1 advisory. This update for libsoup fixes the following issues - CVE-2026-1801: HTTP Request Smuggling in...

7.5CVSS5.7AI score0.00829EPSS
Exploits1References7
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2618 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accept a large...

7.5CVSS7.3AI score0.00872EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 12:25 p.m.9 views

OESA-2026-2617 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accept a large...

7.5CVSS7.3AI score0.00872EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 12:25 p.m.12 views

OESA-2026-2616 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. A remote attacker could exploit an unsigned to...

4.8CVSS5.4AI score0.00872EPSS
Exploits0References2
OSV
OSV
added 2026/06/12 12:25 p.m.11 views

OESA-2026-2615 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. A remote attacker could exploit an unsigned to...

4.8CVSS5.4AI score0.00872EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.10 views

EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2026-2298)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in...

8.2CVSS5.6AI score0.00254EPSS
Exploits1References2
Rows per page
Query Builder